Discord Bot Token
Description
General
-
Documentation: https://discord.com/developers/docs/intro
-
Summary: Discord is an instant messaging and VoIP application. Bots can read and send text messages, join VoIP discussions and manage servers via its API. A token is needed for authentication. This detector finds them.
-
IPs allowlist: As of the time of writing this documentation, this feature is not yet supported.
-
Scopes: A bot can have no permissions or it can be the administrator of a discord server. See the documentation.
Revoke the secret
A token can be regenerated from the developer portal.
Check for suspicious activity
Audit Log are accessible in each Discord server settings. Review of the logs of every Discord server accessible by the bot is important.
Details for Discord Bot Token
-
Family: token
-
Category: messaging_system
-
Company: Discord
-
High recall: False
-
Validity check available: True
-
Analyzer available: False
-
On-premise instances exist: False
-
Only valid secrets raise an alert: True
-
Minimum number of matches: 1
-
Occurrences found for one million commits: very rare
-
Prefixed: False
-
PreValidators:
- type: FilenameBanlistPreValidator
banlist_extensions: []
banlist_filenames: []
check_binaries: false
include_default_banlist_extensions: true
ban_markup: false
- type: ContentWhitelistPreValidator
patterns:
- '[m-z][a-z0-9_-]{23}\.[a-z0-9_-]{6}\.[a-z0-9_-]{27}'
Examples
- text: |
bot.run('MZ1yGvKTjE0rY0cV8i47CjAa.uRHQPq.Xb1Mk2nEhe-4iUcrGOuegj57zMC')
apikey: MZ1yGvKTjE0rY0cV8i47CjAa.uRHQPq.Xb1Mk2nEhe-4iUcrGOuegj57zMC
- text: |
"token": "Nzk5MjgxNDk0NDc2NDU1OTg3.YABS5g.2lmzECVlZv3vv6miVnUaKPQi2wI",
apikey: Nzk5MjgxNDk0NDc2NDU1OTg3.YABS5g.2lmzECVlZv3vv6miVnUaKPQi2wI
- text: bot.run('MZ1yGvKTjE0rY0cV8i47CjAa.uRHQPq.Xb1Mk2nEhe-4iUcrGOuegj57zMC')
apikey: MZ1yGvKTjE0rY0cV8i47CjAa.uRHQPq.Xb1Mk2nEhe-4iUcrGOuegj57zMC
